Home Cyber Attack New Instagram Phishing Scheme Aims At Hacking Profiles
Cyber AttackHacking NewsLatest Cyber Security News | Network Security HackingNews

New Instagram Phishing Scheme Aims At Hacking Profiles

by Abeerah Hashim
written by Abeerah Hashim
Instagram phishing hacking profiles

Heads up Instagram users! The hackers are targeting you once again. A new phishing scheme is actively targeting Instagram users for hacking users’ profiles.

Instagram Phishing For Hacking Profiles

Researchers from Trend Micro have uncovered a new phishing attack active in the wild. This time, the phishing scheme aims at hacking Instagram profiles.

As elaborated in their blog post, the overall phishing strategy is pretty similar to the general phishing campaigns. The attack begins by tricking users into clicking on malicious links embedded in messages impersonating Instagram’s team as senders.

In this scheme, however, the difference lies in that the attackers do not use emails for sending the phishing messages. Rather they directly send these messages as Direct Message to the users on the Instagram platform. Whereas, the sender mimics Instagram’s Help Center.

The message creates a sense of panic and urgency to confuse the victims as it tells them to verify their accounts following a reported copyright violation.

Source: Trend Micro

Clicking on the embedded link then redirects the victim to a web page asking to enter the username.

Source: Trend Micro

Once done, another web page appears that asks for even more details, apparently, for account verification. This even includes the users’ actual email credentials in addition to the Instagram account login.

Source: Trend Micro

After entering all the details, the victim will be redirected to the legit Instagram login page. Though, if the victim was already logged in, the victim would then land on the home page. In this, the attackers manage to keep the attack veiled.

Now, the attacker has obtained all the details from the victim, including email credentials. Hence, they can continue taking over not only Instagram but the victim’s email account as well.

Though, what they intend to do is to grab the Instagram account only. Hence, they unlink the victim’s cell number from the Instagram account and change the email address.

Attack Active In The Wild

According to the researchers, the new phishing campaign is active in the wild. They could link bank the scheme with Turkish hacking groups that also previously conducted similar campaigns via emails.

Thus, all Instagram users must remain very careful for the DMs as well as emails. They should refrain from clicking on any links embedded in such messages. Moreover, they can contact the support team to confirm the legitimacy of any messages relating to or asking for account details.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Multiple Vulnerabilities Found In Forminator WordPress Plugin

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...